Title :
Investigating False Positive Reduction in HTTP via Procedure Analysis
Author :
Abimbola, A.A. ; Munoz, J.M. ; Buchanan, W.J.
Author_Institution :
Sch. of Comput., Napier Univ., Scotland
Abstract :
This paper focuses on high false-positive rate of attacks. First, the merits and demerits of research work in curbing false positive rate of attacks in intrusion detection systems (IDSs) are discussed. Then we present our research efforts in the form of an IDS called NetHost-Sensor, recap on past NetHost-Sensor research contributions and discusses in detail its novel procedure analysis technique in curbing false-positive. We discuss in detail, the NetHost-Sensor methodology, its procedure analysis technique and report on our experimental investigation that shows the reduction of false-positives, using HTTP network communication as a medium for analysis. Finally, we validate our research work by comparing false-positives with Snort IDS
Keywords :
Internet; security of data; transport protocols; HTTP network communication; NetHost-Sensor; Snort IDS; false positive attack rate reduction; intrusion detection systems; procedure analysis technique; Databases; Expert systems; Fingerprint recognition; Intrusion detection; Monitoring; Operating systems; Pattern matching; Statistical analysis; Web server;
Conference_Titel :
Networking and Services, 2006. ICNS '06. International conference on
Conference_Location :
Slicon Valley, CA
Print_ISBN :
0-7695-2622-5
DOI :
10.1109/ICNS.2006.65
